update checkov.sh so it can use the checkov.yaml from a PR

update static-check PAC def to use PR branch checkov changes

Author: gabemontero

.tekton/pipeline-service-static-code-analysis.yaml

@@ -118,7 +118,7 @@ spec:
               image: quay.io/redhat-pipeline-service/static-checks:$(params.target_branch)
               script: |
                 #!/usr/bin/env bash
-                /opt/static-checks/bin/checkov.sh --workspace_dir $(workspaces.source.path)
+                $(workspaces.source.path)/ci/images/static-checks/content/bin/checkov.sh --workspace_dir $(workspaces.source.path) --config-file $(workspaces.source.path)/ci/images/static-checks/content/config/checkov.yaml
           workspaces:
             - name: source
   workspaces:

ci/images/static-checks/content/bin/checkov.sh

@@ -33,12 +33,15 @@ usage() {
 Usage:
     ${0##*/} [options]
 
-Run yamllint in the content of the workspace directory
+Run checkov against the content of the workspace directory
 
 Optional arguments:
     -w, --workspace_dir WORKSPACE_DIR.
         Workspace directory.
         Default: $PROJECT_DIR
+    -c, --config-file CONFIG_FILE
+        Configuration file.
+        Default: the path '../config/checkov.yaml' from this script
     -d, --debug
         Activate tracing/debug mode.
     -h, --help
@@ -51,6 +54,7 @@ Example:
 
 parse_args() {
     WORKSPACE_DIR="$PROJECT_DIR"
+    CONFIG_FILE="$SCRIPT_DIR/../config/checkov.yaml"
     while [[ $# -gt 0 ]]; do
         case $1 in
         -w | --workspace_dir)
@@ -66,6 +70,10 @@ parse_args() {
             usage
             exit 0
             ;;
+        -c | --config-file)
+            shift
+            CONFIG_FILE="$1"
+            ;;
         *)
             echo "[ERROR] Unknown argument: $1" >&2
             usage
@@ -81,7 +89,7 @@ init() {
 }
 
 run() {
-    checkov --directory "$WORKSPACE_DIR" --config-file "$SCRIPT_DIR/../config/checkov.yaml"
+    checkov --directory "$WORKSPACE_DIR" --config-file "$CONFIG_FILE"
 }
 
 main() {